summaryrefslogtreecommitdiff
path: root/modules/nixos/personal
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/personal')
-rw-r--r--modules/nixos/personal/default.nix1
-rw-r--r--modules/nixos/personal/services/default.nix4
-rw-r--r--modules/nixos/personal/services/nginx.nix21
3 files changed, 26 insertions, 0 deletions
diff --git a/modules/nixos/personal/default.nix b/modules/nixos/personal/default.nix
index 735f9af..ebaaf80 100644
--- a/modules/nixos/personal/default.nix
+++ b/modules/nixos/personal/default.nix
@@ -8,6 +8,7 @@
./monitoring.nix
./networking
./nix.nix
+ ./services
./system.nix
./user.nix
];
diff --git a/modules/nixos/personal/services/default.nix b/modules/nixos/personal/services/default.nix
new file mode 100644
index 0000000..405bdc1
--- /dev/null
+++ b/modules/nixos/personal/services/default.nix
@@ -0,0 +1,4 @@
+{ ... }:
+{
+ imports = [ ./nginx.nix ];
+}
diff --git a/modules/nixos/personal/services/nginx.nix b/modules/nixos/personal/services/nginx.nix
new file mode 100644
index 0000000..50d6152
--- /dev/null
+++ b/modules/nixos/personal/services/nginx.nix
@@ -0,0 +1,21 @@
+{ config, lib, ... }:
+{
+ services.nginx = {
+ # recommended settings
+ recommendedBrotliSettings = lib.mkDefault true;
+ recommendedGzipSettings = lib.mkDefault true;
+ recommendedOptimisation = lib.mkDefault true;
+ recommendedProxySettings = lib.mkDefault true;
+ recommendedTlsSettings = lib.mkDefault true;
+ recommendedUwsgiSettings = lib.mkDefault config.services.uwsgi.enable;
+
+ # return 444 when trying to connect to some unknown virtual host
+ virtualHosts."_" = {
+ default = true;
+ extraConfig = ''
+ return 444;
+ '';
+ };
+
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-19 04:31:51 +0000